JP3673234B2 - Information recording / reproducing apparatus and information recording / reproducing method for performing encryption processing - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an information recording / reproducing apparatus for content information and the like, and more particularly to an information recording / reproducing apparatus for handling content information and the like whose copyright is protected by prohibiting copying of information and allowing only movement, and to this method. .
[0002]
[Prior art]
Recently, digitalization of content information such as moving images and voices has progressed, and information recording / reproducing apparatuses for handling such information have been developed and spread. This facilitates copying of various types of information, and a technique for sufficiently protecting the copyright of content information is used.
[0003]
For example, in digital broadcasting, content information having copy once copyright information that permits recording of only one generation may be broadcast. When this content information is received by a receiver with a built-in hard disk drive (Hard Disk Driver) and recorded on the hard disk drive, the recorded content information is not permitted to be recorded on other media. And this content information has the copyright information of Copy No More. The hard disk drive is easy to use because of its high access speed, but since the recording capacity is limited, content information that should be stored for a long time may be moved to individual media such as DVHS. The movement here is to reproduce the recorded copy-no-more content information and record it on other media on the condition that the original content information that has been recorded is erased.
[0004]
In the case of recording by DVHS, what has been reproduced once by a device (a receiver with a built-in hard disk drive) that records content information is recorded. In recording with a hard disk drive built-in receiver, in order to prevent unauthorized copying, content information is generally recorded encrypted. In the case of playback, if the content information is played back with encryption on the playback device and recorded on a recording device such as DVHS, the content information cannot be played back on the recorded device. It is necessary to output to the recording device after conversion. The transmission path uses IEEE 1394 or the like, and it is necessary to protect content information using a protection mechanism such as DTCP (Digital Transmission Content Protection).
[0005]
Japanese Patent Laid-Open No. 2000-306328 is known as such a prior art cited document. This cited document is a recording / playback apparatus that handles content information such as audio data, and has a hash value calculated and stored for a music database that is management information of content information in order to prevent unauthorized copying. When reproduction or copying is performed, whether or not the music database has been tampered with is calculated by calculating a hash value and comparing it with the previous hash value. Thus, a technique for preventing copying or reproduction of unauthorized content information is disclosed.
[0006]
However, the above prior art has the following problems when moving the content information. That is, the moving operation may be interrupted due to an unexpected power interruption or malfunction of the apparatus during the movement to a recording medium such as DVHS. In such a case, in the content information, the reproduced part and the unreproduced part are distinguished, and the regenerated part cannot be moved when moving after the power is restored, and only the unreproduced part is included. Although it makes sense to be treated as movable, the above-described prior art has a problem that it is impossible to move uniformly without making such a distinction.
[0007]
On the other hand, content information management is performed in a shorter time, for example, by changing the encryption key of the content information in units of one minute, and the reproduced part key is disabled, so that the reproduced and unreproduced content Information can be managed. However, this method needs to prepare 120 keys for, for example, 120 minutes of content information, and there is a problem that key data management becomes very difficult.
[0008]
[Problems to be solved by the invention]
In other words, in the above-described prior art, if the playback operation is interrupted due to an unexpected power interruption or malfunction of the device during playback (or movement) to DVHS or the like as a recording medium, Among them, the reproduced part and the unreproduced part are distinguished from each other, and it is not possible to treat only the unreproduced part as reproducible, and content information cannot be reproduced uniformly.
[0009]
In addition, according to the technique such as increasing the key value, there is a problem that the key management becomes complicated or the processing time becomes long, and the access time becomes long in random access to the content information.
[0010]
In the present invention, when the reproduction (or movement) of content information is interrupted, the management that the unreproduced part can be reproduced (or moved) and the reproduced part is not reproduced (or moved) is An object of the present invention is to provide an information recording / reproducing apparatus and a method capable of preventing tampering with a simple method.
[0011]
[Means for Solving the Problems]
  The present inventionA setting unit that receives content information, sets and records the reproducible condition of the content information, a power cutoff detection unit that detects that the power is shut off, and starts playback of the content information and stops playback. Alternatively, when the power-off detection unit detects a power-off and the playback is stopped, the update unit updates the playable condition according to the stop position from the playback start position, and the content information is encrypted with the key information. An encryption unit that records and records, a calculation unit that calculates information of the reproducible condition updated by the update unit and records a calculation result, and upon receiving a playback start instruction, the instruction is updated by the update unit When the reproducible condition determining unit that determines whether or not the reproducible condition is met and the reproducible condition determining unit determines that the reproduction start instruction matches the reproducible condition, The information on the reproducible condition used by the live condition determination unit is calculated to obtain a calculation result, and compared with the calculation result calculated and recorded by the calculation unit. A falsification determination unit that determines that the condition has not been falsified, and if the falsification determination unit determines that there is no falsification, the content information encrypted by the encryption unit is decrypted using the encryption key and output When the falsification determination unit determines that falsification has occurred, the content information is not decrypted, or a decryption unit that does not output a signal obtained by decrypting the content information using the encryption key is provided. Is an information recording / reproducing apparatus.
[0012]
According to the present invention, a reproducible condition including reproducible area information indicating a reproducible area is generated based on the above-described characteristics by identifying an already regenerated area of the content information. Then, a hash calculation result is ensured with the reproducible condition as a target of hash calculation or the like, and the hash calculation result is confirmed at the time of reproduction or copying to prevent falsification of the reproducible condition. As a result, content information is differentiated from reproduced and unreproduced, and the reproduction condition that is management information is prevented from being falsified, thereby preventing unauthorized copying of the content information and dealing with power interruptions. Thus, an information recording / reproducing apparatus and an information recording / reproducing method that enable subsequent reproduction processing are provided.
[0013]
DETAILED DESCRIPTION OF THE INVENTION
The information recording / reproducing apparatus according to the present invention will be described below with reference to the drawings.
[0014]
<Information Recording / Reproducing Device According to the Present Invention>
(Overview)
An outline of an example of an information recording / reproducing apparatus according to the present invention will be described with reference to the drawings. FIG. 3 is a block diagram showing an outline of an embodiment of the information recording / reproducing apparatus according to the present invention.
[0015]
In FIG. 3, an information recording / reproducing apparatus according to the present invention includes an input interface 50 for inputting content information and the like from the outside, a tuner 51 connected via a central data bus and receiving a broadcast signal and outputting a received signal. And a power interruption detector 29 for detecting that the power supply to the apparatus is interrupted. Further, a control unit 3 including a CPU and the like for controlling the overall operation and a user instruction unit 2 for receiving an instruction signal from a user using a remote controller or the like are connected to the data bus. Further, an encryption / decryption unit 1 that encrypts / decrypts content information, a decoder 57 that decrypts information, and a display output device 56 that displays operation information, management information of content information, and the like are included in the data bus. Connected to. A hard disk drive (Hard Disk Driver) HDD in which content information and the like are stored is connected, an output interface 59 is connected to a data bus, and is connected to an output terminal 62.
[0016]
An outline of the operation of the information recording / reproducing apparatus having such a structure will be described below. First, broadcast content information is received by the tuner 51. The control unit 3 reads an instruction from the user from a remote controller that is the user instruction unit 2. Upon receiving a recording instruction from the user, the control unit 3 reads the reception time from the current time timer 52, associates it with the received content information, and records it as a file on the hard disk drive HDD. However, it is also preferable to use time data included in a transmission packet in digital broadcasting instead of the time timer 52 in the system. The control unit 3 performs a recording process according to the flowchart of FIG. 8 described later, generates a title key T that is an encryption key and a different key for each title of the content information, and encrypts the content information 22 by the encryption / decryption unit 1 The encrypted content information 18 is recorded on the hard disk drive HDD. The title key T is related information indicating the relevance with the content information 22, and the same function and effect can be achieved even with other equivalent information.
[0017]
Further, the control unit 3 performs processing in accordance with a reproduction processing flowchart shown in FIG. 7 to be described later in response to an instruction from the user, and the portion of the content information to be reproduced corresponds to the reproducible condition. If so, a title key T that is a decryption key is generated, a file is read from the hard disk drive HDD, content information is decrypted by the encryption / decryption unit 1, data is decoded through the decoder 57, and display output is performed. The content information is displayed by the device 56, and this is reproduced in the case of sound.
[0018]
If it is determined that copying is possible, the content information is output from the output terminal 62 via the output interface 59.
[0019]
(Recording process according to the present invention)
Next, recording processing unique to the present invention will be described below with reference to the drawings. FIG. 1 is an explanatory diagram for explaining mainly the reproduction control in an example of the information recording / reproducing apparatus according to the present invention, FIG. 2 is an explanatory diagram for explaining mainly the recording control, and FIGS. It is a figure which shows the example by which some content information was reproduced | regenerated. FIG. 7 is a flowchart for explaining an example of the reproducing process of the information recording / reproducing apparatus according to the present invention, and FIG. 8 is a flowchart for explaining an example of the recording process.
[0020]
Next, processing at the time of recording content information will be described using the explanatory diagram of FIG. FIG. 2 is an explanatory diagram for explaining processing among the encryption / decryption unit 1 of FIG. 3, the remote controller as the user instruction unit 2, the control unit 3, and the hard disk drive HDD. Here, the broken line drawn inside the encryption / decryption unit 1 indicates the one-chip C. By configuring the configuration within the broken line with the one-chip C, further security can be provided.
[0021]
In the information recording / reproducing apparatus described above, broadcast content information 22 having copyright information of copy-once recordable for only one generation is received. The content information may be received through a broadcast tuner 51 such as BS digital broadcast or a demodulator, or may be received from a transmission path of the input interface 50 using IEEE1394 or the like.
[0022]
The video signal of the broadcast content information 22 that is content information is compressed by the MPEG (Moving Picture Expert Group) method or the like. In the case of digital broadcasting, an MPEG2 transport stream format may be used. In this case, a plurality of programs may be multiplexed in one stream, and each program may have different copyright information. In addition, a plurality of programs may have copy once copyright information.
[0023]
Depending on the copyright information, after being stored in the hard disk drive HDD of the receiver, copying can be performed a certain finite number of times, and there are also conditions such as viewing only. In some cases, only a limited number of times can be viewed.
[0024]
The control unit (recording control) 3 performs control during recording. The control unit 3 receives an instruction to start recording from the user from the remote controller that is the user instruction unit 2. The title key generation unit 21 generates a title key T as a source of an encryption key for encrypting and recording the content information when recording of the content information is newly started, and generates a title key encryption unit 25 and a content encryption unit 23. To supply.
[0025]
The control unit (recording control) 3 records the point in time when the recording of the content information is started together with the copyright information obtained from the content information 22 as a reproducible condition in the reproducible condition file 15 in the hard disk drive HDD. .
[0026]
Here, the reproducible condition is a condition for decrypting the encrypted content information, and includes reproducible area information. This condition may be, for example, a reproduction history that indicates how many times the content information has been reproduced, or a movement history that indicates which region of the content information has already been moved. The area information is specified by one or a plurality of position information. This reproducible condition may be set by a provider of content information or may be set by another method. Further, it may be expressed in the form of a time at which playback can be started, or may be expressed at the head position of data at which playback can be started.
[0027]
The reproducible condition is not limited to the condition for decrypting the encrypted content information. That is, the reproducible condition is a condition as to whether or not the decrypted content information may be output from the information recording / reproducing apparatus. When the reproducible condition is not satisfied, the content information is decrypted and the content information is information Even if the control unit 3 is configured so that it is not output to the outside of the recording / reproducing apparatus, the same effect as that of the present invention is exhibited.
[0028]
FIG. 4 shows the recorded content information. Point A indicates the recording start time, and point B indicates the position where the reproduced (moved) area and the unreproduced (unmoved) area are separated. When a plurality of programs are multiplexed in the transport stream, the reproducible condition may be independently provided for each program.
[0029]
The title key generator 21 outputs a title key T for encrypting content information. The content encryption unit 23 encrypts the content information 22 with this key, and records the encrypted content information 18 on the hard disk drive HDD. When recording a program having copy-once copyright information, the copyright information indicates that copying cannot be made any more and is recorded as a copy no more (Copy No More) state.
[0030]
The device key register 4 stores different key values for each receiver. Since the device key D must not be rewritten by the user, it is stored in ROM, EEPROM, or the like. However, if a countermeasure such as encryption is taken, it may be stored in the hard disk drive HDD as a file instead of a register. The device key D may be used by decrypting the encryption key stored in the hard disk drive HDD with the device key D, instead of using the value of the device key register 4 directly.
[0031]
The title key T is encrypted with the device key D by the title key encryption unit 25 and is recorded on the hard disk drive HDD as the encrypted title key T ′ file 17.
[0032]
All or part of the reproducible condition information recorded in the hard disk drive HDD by the control unit (recording control) 3 and the encrypted title key T ′, which is relevance information indicating the relevance between the content information and the reproducible condition, Find the hash value for. The obtained hash value is recorded in the hash register 11.
[0033]
(Reproduction processing according to the present invention)
Next, a reproduction process for reproducing the encrypted content information 18 recorded as described above will be described in detail with reference to the drawings.
[0034]
FIG. 1 is an explanatory diagram for explaining processing among the encryption / decryption unit 1, the remote controller that is the user instruction unit 2, the control unit 3, the power-off detector 29, and the hard disk drive HDD in FIG. 3. . Here, the broken line drawn inside the encryption / decryption unit 1 indicates the one-chip C. By configuring the configuration within the broken line with the one-chip C, further security can be provided.
[0035]
1. Judgment of playback condition
First, it is determined whether or not the reproduction process desired by the user matches the reproducible condition. The control unit (reproduction control) 3 receives a reproduction start instruction and a reproduction start position instruction from the user from a remote controller that is the user instruction unit 2. If the reproduction involves moving the content information to DVHS, the reproduction of the program having the copy-no-more copyright information should be limited to the content information portion that has not yet been moved.
[0036]
In the case of a stream in which a plurality of programs are multiplexed, reproduction limited to the content information portion that has not yet been moved for each program is permitted.
[0037]
There are also programs that can be copied and viewed only a finite number of times. In this case, only the portion whose number of times indicated by the condition is 1 or more is permitted to be reproduced for reproduction or viewing.
[0038]
The comparison unit 8 reads the reproducible range indicated by the reproducible condition corresponding to the program to be reproduced (moved) from the hard disk drive HDD and compares it with the reproduction start position included in the reproduction start instruction from the user. If a plurality of programs are reproduced (moved) at the same time, the respective programs are compared. Also, a comparison is made as to whether or not the number of reproducible times of the portion to be reproduced is 1 or more.
[0039]
The reproducible condition here is reproducible area information that is given for each piece of content information by distinguishing a reproduced area and an unreproduced area, and specifies the number of times of reproduction for each area. is there. As a result, for example, in the case where an intermediate area is reproduced (moved) due to power interruption or the like, but the latter half area is not reproduced (moved), the possibility of reproduction is determined for each area after the power is restored.
[0040]
As a result of the comparison process of the comparison unit 8, when the instruction from the user is out of the reproducible range, or when the reproducible number is 0, this result is returned to the control unit 3, and the control unit 3 Reject the playback instruction itself. As a result, reading control of the title key decryption unit 10, the content decryption unit 13, and other hard disk drives HDD is not executed. At that time, a message such as “Cannot be played because it has been played (moved)” is displayed using a display screen (not shown). At the same time, it is also preferable to display the corresponding program name.
[0041]
2. Judgment of falsification of playback conditions and decryption processing
Next, it is determined whether or not the reproducible condition recorded in the hard disk drive HDD has been falsified.
[0042]
The reproducible condition file 15 and the encrypted title key T ′ file 17 are read from the hard disk drive HDD, and the hash calculator 7 obtains the hash value from the reproducible condition value and the encrypted title key T ′ value.
[0043]
The device key register 4 stores a device key D having a different value for each receiver. Since the device key D must not be rewritten by the user, it is stored in ROM, EEPROM, or the like. However, if measures such as encryption are taken, the file may be stored in the hard disk drive HDD as a file instead of the device key register 4. The device key D may be used by decrypting the encryption key stored in the hard disk drive HDD with the device key instead of directly using the value of the device key register 4.
[0044]
Next, the previous hash value is read from the hash register 11 and compared with the output of the hash calculator 7 by the comparison unit 12. If the results match, it is assumed that the reproducibility condition file 15 and the encrypted title key T ′ file 17 of the hard disk drive HDD are not falsified and the contents can be trusted.
[0045]
At that time, using the device key D read from the device key register 4, the title key decryption unit 10 decrypts the encrypted title key T ′ read from the encrypted title key T ′ file 17 to obtain the decrypted title key T. .
[0046]
If the previous hash value does not match the current hash value, the decrypted title key T is not output, so that the content information is not decrypted. However, even if they do not match, the content information is decrypted and the control unit 3 prevents the content information from being output to the outside of the information recording / reproducing apparatus.
[0047]
When the recorded content information is played back for the first time, the playable condition indicates that the time from the start to the end of the recording is possible. Therefore, it is possible to reproduce at an arbitrary point in the recorded range. If it is not the first time, the range specified in the reproducible condition can be replayed. In accordance with the reproduction start position from the user given through the remote controller as the user instruction unit 2, the data corresponding to the reproduction start position is obtained and the encrypted content information 18 is read from the hard disk drive HDD.
[0048]
The content decrypting unit 13 decrypts the encrypted content information 18 read from the hard disk drive HDD using the decrypted title key T obtained from the title key decrypting unit 10, and decrypts the decrypted content information. Information 14 is output.
[0049]
If the reproduction is intended for viewing, then the video signal is restored by the MPEG decoder 57 and then displayed on the display output device 56.
[0050]
In the case of reproduction intended for recording on DVHS or the like, the decrypted content information is transmitted to a transmission path such as IEEE 1394 through an output interface 59 such as an IEEE 1394 interface.
[0051]
(Content information transfer process)
Next, a case will be described in which the copyright information of the reproduction content information is in a copy-no-more state, and the reproduction instruction is a transfer to a recording device such as DVHS using a transmission path such as IEEE1394.
[0052]
When playback is started for movement (or viewing) and an instruction to stop playback is given from the user by the remote control that is the user instruction unit 2, the portion up to the point of time when playback is finished is erased or played from the hard disk drive HDD. It must be made impossible.
[0053]
FIG. 4 shows a case where playback is started from the beginning of the recorded content information and stopped halfway. This reproduction is reproduction for movement, but may be reproduction for viewing. The reproduction start position designated by the user is the beginning A of the recorded content information, and the stop position is B. The reproduced area is between A and B, and this area must not be reproduced (moved). An unreproduced area, that is, B to C are reproducible areas.
[0054]
FIG. 5 shows a case where playback is started from the middle of recorded content information and stopped halfway. This reproduction is reproduction for movement, but may be reproduction for viewing. The stop position is C when the playback position designated by the user is after the beginning of the recorded content information, that is, at time B. The reproduced area is between B and C, and this area must not be reproduced (moved). A to B and C to D are unreproduced areas and are reproducible areas.
[0055]
FIG. 6 shows a case where the reproduction is started from the middle of the recorded content information which can be reproduced up to two times and stopped halfway. The stop position is C when the playback position designated by the user is after the beginning of the recorded content information, that is, at time B. Between B and C, the remaining number of reproducible times is one, and this region can be reproduced once more. The area from A to B and the area from C to D are areas that can be reproduced two more times.
[0056]
When the reproduction is stopped, the time point indicating the time point or the vicinity thereof is recorded as one of the reproducible area information in the reproducible condition and recorded in the hard disk drive HDD. In consideration of the cases as shown in FIGS. 5 and 6, the reproducible condition is not only the position where reproduction is stopped, but also the start and end points of all reproducible areas. In FIG. 5, A, B, C, D May be included and the number of possible playbacks of each section.
[0057]
In this way, by including the reproducible area information in the reproducible condition and the information of the regenerated area and the unreproduced area, or the reproducible area information by the number of times of reproduction, after moving or viewing only a part of the content information, It is possible to perform processing such as reproducing all the remaining areas where movement or viewing is permitted for the purpose of movement, and reproducing areas not yet viewed for the number of times given first.
[0058]
(Updating playback conditions by stopping playback)
The value of the reproducible condition that already exists in the hard disk drive HDD before reproduction is updated.
[0059]
In the case where positions A, B, C, and D are included as reproducible conditions, the comparison unit 8 assumes that the reproduction start position designated by the user is G.
Whether A is less than or equal to G,
Whether G is less than or equal to B,
Whether C is less than or equal to G,
Whether G is less than or equal to D,
It is determined whether or not playback is possible by comparing the above. Further, it is determined whether or not the number of reproducible times in each section is 1 or more.
[0060]
When the reproduction is stopped, the reproducible condition updated from the control unit (reproduction control) 3 is written in the hard disk drive HDD. The hash calculator 9 performs a hash operation on the reproducible condition and the value of the encrypted title key 17, and the result is recorded and updated in the hash register 11.
[0061]
If the hash value is obtained for each reproducible condition of the content information to be reproduced, there are as many hash values as the number of content information. The reproducible conditions of the content information stored in the other are also read from the reproducible condition file 15 of the hard disk drive HDD, and only one hash value is obtained for the combined value. The generated hash value may be stored in the hash register 11.
[0062]
(Renewable conditions when power is turned off)
In some cases, the stop of the recording is not an instruction from the user but is caused by power-off. There may be a case where power can be supplied to the apparatus as long as a short-time processing can be performed after the power is turned off. In this case, the control unit (reproduction control) 3 receives a detection signal from the power shutoff detector 29, and performs processing from generation of the new device key to encryption and storage of the title key after the power shutoff is detected. .
[0063]
If such an update process cannot be performed, the reproducible condition is not updated and the state before reproduction is retained, and the content information can be reproduced any number of times. In this case, it is preferable to update the reproducible condition by periodically generating the new device key and encrypting the title key from the start of the reproduction of the content information.
[0064]
The new device key may be generated only once at the start of reproduction. In this case, the encrypted title key generated before the actual stop point is not recorded in a place where it can be freely read and written such as the hard disk drive HDD so that it is not reused later. To record. Then, the encrypted title key T ′ at the time of stopping may be recorded in the hard disk drive HDD immediately before the power is turned off or when the power is turned on again.
[0065]
(Details of calculation processing)
Next, the timing for executing the above-described calculation using the device key will be described in detail using a flowchart. These processes are performed by the control unit (reproduction control) 3 or the control unit (recording control) 3.
[0066]
In FIG. 7 which is a flowchart at the start of reproduction, when reproduction is started (S10), the reproducible condition file 15 and the encrypted title key T'17 are read out, and a hash value is obtained from them (S11). Then, the obtained hash value is compared with the hash value already recorded in the hash register (S12). If they match (S13), the content information is decrypted and reproduced using the decrypted content information encryption key (S14). If they do not match, the content information encryption key T ′ is not decrypted, the content information is not decrypted, or the decrypted content information is not output from the information recording / reproducing apparatus even if decrypted, and the content information is output to the outside. (S15).
[0067]
(Updating playback conditions by stopping playback)
Next, the above-described processing at the time of stopping playback will be described in detail with reference to the flowchart of FIG. When a playback stop instruction is issued from the user or when power-off is detected (S21), the playable condition of the title played back at that time is changed (S22). That is, as the reproducible area information, information for each area where processing is different, such as reducing the number of reproducible times from the reproduction start time to the stop time by one, or having been regenerated, is updated and recorded as reproducible conditions. A new hash value is calculated using the reproducible condition of the update result (S23). The obtained hash value is recorded in the hash register 11 (S24).
[0068]
In this case, when the power supply is cut off and the reproduction is stopped, the processing from step S22 to step S24 must be performed after detecting the interruption of the power supply, depending on the configuration of the power supply circuit of the information recording / reproducing processing apparatus. May not be able to complete all processing until the power is completely turned off. In that case, by executing the processing shown in FIG. 8 every predetermined time, for example, every minute, the information at the time of power interruption can be updated and replayed even if the power is unexpectedly cut off. It can be secured as a condition and a hash value.
[0069]
(Preventing unauthorized processing according to the present invention)
It is assumed that the user gives a reproduction instruction for the purpose of reproduction (or movement) of the content information area that has already been reproduced (or moved) as reproduction start and position designation. In this case, in the calculation by the comparison unit 8, it is detected from the comparison result with the value read from the reproducible condition file 15 that the position to be reproduced is a position that should not be reproduced, thereby preventing copying. Can do. In addition, the content information area that has been reproduced by the number of reproductions indicated by the number of reproductions can be prevented from being reproduced because the number of reproductions is zero.
[0070]
Now, a case where the reproducible condition file 15 is further tampered and returned to the top of the content information area that has already been reproduced (or moved) or the number of times is increased will be described. In this case, although the illegal copy cannot be detected by the arithmetic unit 8, the result calculated by the hash arithmetic unit 7 is compared with the contents of the hash register 11 by the comparison unit 12, and the correct reproducible condition is stored in the hash arithmetic unit 7. Since the value is different from the given value, tampering can be detected, and unauthorized copying can still be prevented by not decoding the content information.
[0071]
In addition, since the hash value is obtained by calculating the reproducible condition including copyright information, the calculation can be performed at a higher speed than when the entire content information is encrypted even if the copyright information and the playback condition are changed. . Therefore, even if the calculation is started after the reproduction is stopped or after the power is turned off, the calculation can be completed in a short time.
[0072]
Even when the time from when the power supply is detected to when it is completely shut down is short, the conditions at the time of power off are recorded, so the playback process according to the playback conditions at the time of power off Is possible.
[0073]
<Prevention of other unauthorized processing according to the present invention>
For example, when the first 10 minutes of content information has been reproduced, dummy data of 10 minutes is further added to the head of the data, and reproduction (or movement) is performed from the position of the 10 minutes of the dummy data. An illegal process that can substantially reproduce (or move) the area from the beginning of the content information is conceivable. Even if there is a condition that playback is possible from the position 10 minutes after the beginning, this fraudulent processing is established by falsifying information about where the 10-minute position is on the content information. Is.
[0074]
As a countermeasure against the unauthorized processing, there is a method of generating key information T for encrypting content information including time information and a counter value. That is, during the recording process, in the description of FIG. 2, the content information is encrypted with the key having a single value generated from the title key generation unit 21, but the time information given from the control unit 3 A key is generated using the value obtained by calculating the output of the title key generation unit 21 (or a counter value that is incremented by 1 at a simple fixed interval), and is encrypted by this.
[0075]
In the reproduction process, in FIG. 1, a key is obtained by calculating time information generated from the control unit 3 and a value decrypted by the title key decryption unit 10, and the content decryption unit is obtained using this key. At 13, the content information is decrypted.
[0076]
In this way, by including the time information or counter value in the key information, the time data or counter value and the position of the content information can be uniquely linked. As a result, at the time of playback, let's deceive the result of comparing the position information included in the playable condition with the play specified position from the user by the comparison unit 8 by an illegal process in which the information of the head area of the content information is missing or added. However, even if the reproduction designated position is 10 minutes, the key cannot be correctly decrypted without using 0-minute time data or a counter value. As a result, by using the encryption key including the time information (or the counter value), it is possible to prevent the unauthorized processing described above.
[0077]
With the various embodiments described above, those skilled in the art can realize the present invention. However, it is easy for those skilled in the art to come up with various modifications of these embodiments, and have the inventive ability. It is possible to apply to various embodiments at least. Therefore, the present invention covers a wide range consistent with the disclosed principle and novel features, and is not limited to the above-described embodiments.
[0078]
For example, in the above-described embodiment, the content information is decrypted with the title key T, and the title key T is encrypted with the device key D unique to the receiver. However, this content information encryption method and the feature and effect of the present invention are the management of the reproducible information for each region having different usage history of the content information of the present invention and the operational effect of preventing falsification of the reproducible information. It is not relevant. Accordingly, it is not always necessary to encrypt the content information, and the operational effects of the present invention can be achieved by determining the reproducible conditions for each region having different usage histories and determining whether the reproducible conditions are falsified. Is.
[0079]
Therefore, within the scope of the present invention, the presence / absence of encryption of content information and the method of encryption can be freely changed.
[0080]
Furthermore, in the above-described embodiment, the reproducible condition is calculated by a hash operation, and tampering is detected by comparing the calculation results. However, the operation performed here is not limited to the hash operation, Any logical operation of the above will have the same effect.
[0081]
The target of the hash operation may be only the reproducible condition, whether the encrypted title key T ′ is added thereto, time information is added, or other information is added. The present invention does not greatly change the gist of the present invention, and exhibits the same effects.
[0082]
【The invention's effect】
As described above in detail, according to the present invention, even if there is an interruption by updating the reproducible condition including the reproducible area information for the remaining area in consideration of the interruption during the reproduction of the content information. The amount of processing that prevents unauthorized reproduction of content information can be reduced by ensuring the reproduction of the remaining area that has not been performed, and at the same time, detecting falsification of the content information reproducibility condition using, for example, a hash operation The present invention provides an information recording / reproducing apparatus realized by the above arithmetic processing or this method.
[Brief description of the drawings]
FIG. 1 is an explanatory diagram for mainly explaining reproduction control in an example of an information recording / reproducing apparatus according to the present invention.
FIG. 2 is an explanatory diagram for mainly explaining recording control in an example of an information recording / reproducing apparatus according to the present invention.
FIG. 3 is a block diagram showing the overall structure of an example of an information recording / reproducing apparatus according to the present invention.
FIG. 4 is a diagram showing an example in which recorded content information handled by the information recording / reproducing apparatus according to the present invention has been partially reproduced.
FIG. 5 is a view showing another example in which recorded content information handled by the information recording / reproducing apparatus according to the present invention is partially reproduced.
FIG. 6 is a diagram showing an example of a case where recorded content information handled by the information recording / reproducing apparatus according to the present invention has been reproduced by a partially different number of reproductions.
FIG. 7 is a flowchart for explaining an example of reproduction processing of the information recording / reproducing apparatus according to the present invention.
FIG. 8 is a flowchart for explaining an example of a recording process of the information recording / reproducing apparatus according to the present invention.
[Explanation of symbols]
DESCRIPTION OF SYMBOLS 1 ... Encryption decoding part, 2 ... User instruction | indication part, 3 ... Control part, 4 ... Device key register, 7 ... Hash calculating part, 8 ... Comparison part, 9 ... Hash calculating part, 10 ... Title key decoding part, 11 ... Hash Register, 12 ... Comparison unit, 13 ... Content information decryption unit, HDD ... Hard disk drive, 14 ... Content information, 15 ... Playable condition file, 17 ... Encrypted title key T 'file, 18 ... Encrypted content information, 21 ... Title key generation unit, 22 ... content information, 23 ... content encryption unit, 25 ... title key encryption unit.

Claims (12)

A setting unit that receives the content information and sets and records the reproducible condition of the content information;
A power-off detection unit that detects that the power has been cut off;
When the reproduction of the content information is started and stopped, or when the power interruption detection unit detects the interruption of the power and the reproduction is stopped, the reproduction enable condition is set according to the stop position from the reproduction start position. An update section to update;
An encryption unit for encrypting and recording the content information with key information;
A calculation unit that calculates information of the reproducible condition updated by the update unit and records a calculation result;
When receiving a playback start instruction, a playback condition determination unit that determines whether the instruction matches the playback condition updated by the update unit;
When the reproducible condition determining unit determines that the reproduction start instruction matches the reproducible condition, the information of the reproducible condition used by the reproducible condition determining unit is calculated to obtain a calculation result, Compared with the calculation result calculated and recorded by the calculation unit, if both match, the tampering determination unit determines that the reproducible condition is not tampered;
When the falsification determination unit determines that there is no falsification, the content information encrypted by the encryption unit is decrypted and output using the encryption key, and when the falsification determination unit determines that falsification has occurred, A decryption unit that does not decrypt the content information or outputs a signal obtained by decrypting the content information using the encryption key;
An information recording / reproducing apparatus comprising: The calculation unit and the falsification determination unit perform a calculation on both the relevance information set by the setting unit and the relevance information indicating the relevance between the content information and the reproducible condition information. 2. The information recording / reproducing apparatus according to claim 1, wherein the calculation results are compared. The encryption key used in the encryption unit and the decryption unit is relevance information indicating the relevance between the content information and the reproducible condition. 2 When the encryption relevance information is recorded and the tampering determination unit determines that the tampering determination unit has not been tampered with, the encryption relevance information is decrypted using the second encryption key. 2. The information recording / reproducing apparatus according to claim 1, wherein the content information is decrypted and reproduced or output by using the related information. 2. The information recording / reproducing apparatus according to claim 1, wherein the reproducible condition includes reproduction number information indicating how many times the predetermined area of the content information has been reproduced. The calculation unit and the falsification determination unit include relevance information indicating a relevance between the reproducible condition set by the setting unit and the content information, the reproducible condition information, and the encryption unit and 2. The information recording / reproducing apparatus according to claim 1, wherein an operation is performed on the encryption key used in the decryption unit, and the operation results are compared. The information recording / reproducing apparatus according to claim 1, wherein the calculation unit and the falsification determination unit obtain a calculation result by performing a hash calculation on the reproducible condition. Receiving content information, recording and setting the playback conditions for this content information,
Detect this if there is a power interruption,
When the playback of the content information is started and stopped, or when the playback is stopped by detecting a power-off in the detection, the playback condition is updated from the playback start position according to the stop position,
The content information is encrypted and recorded with key information,
Calculate the updated playable condition information and record the calculation result,
Upon receiving a playback start instruction, it is determined whether this instruction matches the updated playable condition,
When it is determined that the playback start instruction matches the playable condition, the calculation result is obtained by calculating the playable condition information used for the determination of the playable condition, and calculating and recording the calculation result. If both match, it is determined that the reproducible condition has not been tampered with,
When it is determined that there is no falsification, the encrypted content information is decrypted and output using the encryption key, and when it is determined that the falsification has occurred, the content information is not decrypted, or the content information An information recording / reproducing method characterized by not outputting a signal decrypted using the encryption key. At the time of the calculation and the tampering determination, the calculation is performed on both the relevance information indicating the relevance between the set reproducible condition and the content information, and the reproducible condition information. 8. The information recording / reproducing method according to claim 7, wherein the calculation results are compared. The encryption key is relevance information indicating a relevance between the content information and the reproducible condition. 2 When the encryption relevance information is recorded and the encryption relevance information is recorded and it is determined that the tampering is not performed, the encryption relevance information is decrypted using the second encryption key, and the decrypted relevance 8. The information recording / reproducing method according to claim 7, wherein the content information is decoded and reproduced or output using the information. 8. The information recording / reproducing method according to claim 7, wherein the reproducible condition includes reproduction number information indicating how many times the predetermined area of the content information has been reproduced. In the calculation and the tampering determination, relevance information indicating the relevance between the set reproducible condition and the content information, the reproducible condition information, and the encryption used in the encryption and decryption 8. The information recording / reproducing method according to claim 7, wherein a calculation is performed on a key and the calculation results are compared. 8. The information recording / reproducing method according to claim 7, wherein, in the calculation and the tampering determination, a hash calculation is performed on the reproducible condition to obtain a calculation result.

Images